<?php

	require_once(dirname(__FILE__) . "/../core/safeParam.php");
	require_once '../core/database.php';
	
	if (!ini_get('register_globals')) {
		$superglobals = array( $_SERVER, $_ENV, $_FILES, $_POST, $_GET);
  		
  		if (isset($_SESSION)) {
  			array_unshift($superglobals, $_SESSION);
  		} 
  		
  		foreach ($superglobals as $superglobal) {
  			extract($superglobal, EXTR_SKIP);
  		} 
  		
  		ini_set('register_globals', true);
	}
	
	require_once '../core/functions.php';
	
	if (isset($_SESSION['password'])) {
		//define a restaurant
		if (isset($_GET['site']) && $_GET['site'] != '') {
			$_SESSION['arid'] = $_GET['site'];
  		} 
  		
  		if (isset($_SESSION['arid']) && $_SESSION['arid'] == '') {
  			if (isset($_SESSION['admin'])){
  				$_SESSION['arid'] = $_SESSION['admin'];
    		} else {
    			$_SESSION['arid'] = 1;
    		}
  		} 
  		
  		define("ARID", $_SESSION['arid']);
  		$config      = $database->select("SELECT * FROM config where id = " . $_SESSION['arid'] . "");
  		$query       = $database->query("SELECT * FROM config WHERE id =" . $_SESSION['arid'] . "");
  		
  		while ($list = mysql_fetch_array($query)) {
  			$home = $list['home'];
  		} 
	} 
	
	$function = $_GET['function'];
	
	switch ($function) {
		case "cb":
			$method          = $_GET['method'];
    		$update['name']  = $method;
    		$update['value'] = $_POST[$method];
    		$update['rid']   = $_POST['rid'];
    		$check_areas     = $database->select("SELECT * from options where name = '$method' AND rid = " . $_POST['rid'] . "");
    		
    		if ($check_areas == FALSE) {
    			$database->insert_array("options", $update);
    		} else {
      		$database->update_array("options", $update, "name = '$method' and rid ='" . $_POST['rid'] . "' ");
    		}
    		
    		echo '<p style="color:green;font-weight:bold">Configuracion guardada</p>';
    		break;
  		
  		case "enable-multi":
    		$check_areas = $database->select("SELECT * from options where name = 'enable_multi'");
    		$v['name']   = 'enable_multi';
    		$v['value']  = $_POST['multi'];
    		
    		if ($check_areas == FALSE) {
      		$database->insert_array("options", $v);
    		} else {
      		$database->update_array("options", $v, "name = 'enable_multi'");
    		}
    		
    		if ($_POST['multi'] == 1) {
      		echo 'Ahora es multi-sitio';
    		} else {
      		echo 'Ahora NO es multi-sitio';
    		}
    		break;
  		
  		case "add-area":
    		$v['name']   = $_POST['type'];
    		$v['value']  = $_POST['name'];
    		$v['rid']    = $_POST['rid'];
    		$check_areas = $database->select("SELECT * from options where name = '" . $_REQUEST['type'] . "' and rid =  '" . $_REQUEST['rid'] . "' and value = '" . $_POST['name'] . "'");
    		
    		if ($check_areas == FALSE) {
      		$database->insert_array("options", $v);
    		} //$check_areas == FALSE
    		break;
  		
  		case "delete-area":
    		$id = $_REQUEST['id'];
    		$database->delete("options", "id = $id");
    		break;
  		
  		case "delete-total-area":
    		$id   = $_REQUEST['id'];
    		$type = $_REQUEST['type'];
    		
    		//hey remember u said u would pay me for vaca? :) I did do everything i needed plus more lol 
    		$database->delete("options", "name = '$type' AND value = '$id'");
    		break;
  		
  		case "load-areas":
    		$areas = $database->select("SELECT * from options where name = '" . $_REQUEST['type'] . "' GROUP by value ORDER by value");
    		
    		for ($i = 0; $i < count($areas); $i++) {
      		$check_areas = $database->select("SELECT * from options where name = '" . $_REQUEST['type'] . "' and rid =  '" . $_REQUEST['rid'] . "' and value = '" . $areas[$i]['value'] . "'");
      		
      		if ($check_areas == FALSE) {
        			$checked   = '';
        			$checked_j = " onclick=\"addDefinedArea('" . $areas[$i]['value'] . "' ,'" . $areas[$i]['name'] . "','" . $_REQUEST['rid'] . "'  )\"";
      		} else {
        			$checked_j = " onclick=\"deleteArea(" . $check_areas[0]['id'] . ", '" . $_REQUEST['type'] . "' )\" ";
        			$checked   = 'checked="checked"';
      		}
      		
      		$checked_js = " href=\"javascript:deleteTotalArea('" . $areas[$i]['value'] . "', '" . $_REQUEST['type'] . "' )\" ";
      		echo '
      		<div style="float:left;width:33%">
      			<input ' . $checked . '  style="width:15px" type="checkbox" name="' . $_REQUEST['type'] . '[]" value=""' . $checked_j . '>  
      				' . $areas[$i]['value'] . ' <a ' . $checked_js . '>[x]</a> 
      		</div>';
    		} //$i = 0; $i < count($areas); $i++
    		break;
  		
  		case "assign-areas":
    		break;
  		
  		case "user-search":
    		$term = $_GET['term'];
    		$query = "select email from users where email like '%$term%'";
    		$results = $database->select($query);
    		
    		if (!$results){
    			echo "[]";
      		return;
    		}
    		
    		$array = Array();
    		
    		for ($i = 0; $i < count($results); $i++){
    			$array[$i] = $results[$i]['email'];
    		}
    
    		$json = json_encode($array);
    		echo $json;
    		break;
  		
  		case "setPermission":
  			$email = $_POST['email'];
    		$activity = $_POST['activity'];
    		$value = $_POST['value'];
    		$rid = $_SESSION['arid'];
    		$query = "delete from options where name = '".$email."_authorized' and value = '$activity' and rid = '$rid'";
    		$database->query($query);
    		
    		if ($value == "true"){
    			$query = "insert into options (name, value, rid) values ('".$email."_authorized', '$activity', '$rid')";
      		$database->query($query);
    		}
    		
    		echo "success";
    		break;
	} //$function
?>
